mirror of
https://github.com/zitadel/zitadel.git
synced 2025-06-09 20:18:32 +00:00
5c6df06a7c
* feat: queries for searching mfas and passwordless * feat: tests for user auth method queries * Update internal/api/grpc/auth/multi_factor.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * Update internal/api/grpc/auth/passwordless.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * Update internal/api/grpc/management/user.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> * Update internal/api/grpc/management/user.go Co-authored-by: Livio Amstutz <livio.a@gmail.com> Co-authored-by: Livio Amstutz <livio.a@gmail.com>
246 lines
6.5 KiB
Go
246 lines
6.5 KiB
Go
package user
|
|
|
|
import (
|
|
"github.com/caos/zitadel/internal/api/grpc/object"
|
|
"github.com/caos/zitadel/internal/domain"
|
|
"github.com/caos/zitadel/internal/eventstore/v1/models"
|
|
"github.com/caos/zitadel/internal/query"
|
|
"github.com/caos/zitadel/internal/user/model"
|
|
usr_grant_model "github.com/caos/zitadel/internal/usergrant/model"
|
|
user_pb "github.com/caos/zitadel/pkg/grpc/user"
|
|
)
|
|
|
|
func UsersToPb(users []*model.UserView) []*user_pb.User {
|
|
u := make([]*user_pb.User, len(users))
|
|
for i, user := range users {
|
|
u[i] = UserToPb(user)
|
|
}
|
|
return u
|
|
}
|
|
func UserToPb(user *model.UserView) *user_pb.User {
|
|
return &user_pb.User{
|
|
Id: user.ID,
|
|
State: ModelUserStateToPb(user.State),
|
|
UserName: user.UserName,
|
|
LoginNames: user.LoginNames,
|
|
PreferredLoginName: user.PreferredLoginName,
|
|
Type: UserTypeToPb(user),
|
|
Details: object.ToViewDetailsPb(
|
|
user.Sequence,
|
|
user.CreationDate,
|
|
user.ChangeDate,
|
|
user.ResourceOwner,
|
|
),
|
|
}
|
|
}
|
|
|
|
func UserTypeToPb(user *model.UserView) user_pb.UserType {
|
|
if user.HumanView != nil {
|
|
return &user_pb.User_Human{
|
|
Human: HumanToPb(user.HumanView),
|
|
}
|
|
}
|
|
if user.MachineView != nil {
|
|
return &user_pb.User_Machine{
|
|
Machine: MachineToPb(user.MachineView),
|
|
}
|
|
}
|
|
return nil
|
|
}
|
|
|
|
func HumanToPb(view *model.HumanView) *user_pb.Human {
|
|
return &user_pb.Human{
|
|
Profile: &user_pb.Profile{
|
|
FirstName: view.FirstName,
|
|
LastName: view.LastName,
|
|
NickName: view.NickName,
|
|
DisplayName: view.DisplayName,
|
|
PreferredLanguage: view.PreferredLanguage,
|
|
Gender: GenderToPb(view.Gender),
|
|
AvatarUrl: view.AvatarURL,
|
|
},
|
|
Email: &user_pb.Email{
|
|
Email: view.Email,
|
|
IsEmailVerified: view.IsEmailVerified,
|
|
},
|
|
Phone: &user_pb.Phone{
|
|
Phone: view.Phone,
|
|
IsPhoneVerified: view.IsPhoneVerified,
|
|
},
|
|
}
|
|
}
|
|
|
|
func MachineToPb(view *model.MachineView) *user_pb.Machine {
|
|
return &user_pb.Machine{
|
|
Name: view.Name,
|
|
Description: view.Description,
|
|
}
|
|
}
|
|
|
|
func ProfileToPb(profile *model.Profile) *user_pb.Profile {
|
|
return &user_pb.Profile{
|
|
FirstName: profile.FirstName,
|
|
LastName: profile.LastName,
|
|
NickName: profile.NickName,
|
|
DisplayName: profile.DisplayName,
|
|
PreferredLanguage: profile.PreferredLanguage.String(),
|
|
Gender: GenderToPb(profile.Gender),
|
|
AvatarUrl: profile.AvatarURL,
|
|
}
|
|
}
|
|
|
|
func EmailToPb(email *model.Email) *user_pb.Email {
|
|
return &user_pb.Email{
|
|
Email: email.EmailAddress,
|
|
IsEmailVerified: email.IsEmailVerified,
|
|
}
|
|
}
|
|
|
|
func PhoneToPb(phone *model.Phone) *user_pb.Phone {
|
|
return &user_pb.Phone{
|
|
Phone: phone.PhoneNumber,
|
|
IsPhoneVerified: phone.IsPhoneVerified,
|
|
}
|
|
}
|
|
|
|
func ModelEmailToPb(email *model.Email) *user_pb.Email {
|
|
return &user_pb.Email{
|
|
Email: email.EmailAddress,
|
|
IsEmailVerified: email.IsEmailVerified,
|
|
}
|
|
}
|
|
|
|
func ModelPhoneToPb(phone *model.Phone) *user_pb.Phone {
|
|
return &user_pb.Phone{
|
|
Phone: phone.PhoneNumber,
|
|
IsPhoneVerified: phone.IsPhoneVerified,
|
|
}
|
|
}
|
|
|
|
func GenderToDomain(gender user_pb.Gender) domain.Gender {
|
|
switch gender {
|
|
case user_pb.Gender_GENDER_DIVERSE:
|
|
return domain.GenderDiverse
|
|
case user_pb.Gender_GENDER_MALE:
|
|
return domain.GenderMale
|
|
case user_pb.Gender_GENDER_FEMALE:
|
|
return domain.GenderFemale
|
|
default:
|
|
return -1
|
|
}
|
|
}
|
|
|
|
func ModelUserStateToPb(state model.UserState) user_pb.UserState {
|
|
switch state {
|
|
case model.UserStateActive:
|
|
return user_pb.UserState_USER_STATE_ACTIVE
|
|
case model.UserStateInactive:
|
|
return user_pb.UserState_USER_STATE_INACTIVE
|
|
case model.UserStateDeleted:
|
|
return user_pb.UserState_USER_STATE_DELETED
|
|
case model.UserStateInitial:
|
|
return user_pb.UserState_USER_STATE_INITIAL
|
|
case model.UserStateLocked:
|
|
return user_pb.UserState_USER_STATE_LOCKED
|
|
case model.UserStateSuspend:
|
|
return user_pb.UserState_USER_STATE_SUSPEND
|
|
default:
|
|
return user_pb.UserState_USER_STATE_UNSPECIFIED
|
|
}
|
|
}
|
|
|
|
func ModelUserGrantStateToPb(state usr_grant_model.UserGrantState) user_pb.UserGrantState {
|
|
switch state {
|
|
case usr_grant_model.UserGrantStateActive:
|
|
return user_pb.UserGrantState_USER_GRANT_STATE_ACTIVE
|
|
case usr_grant_model.UserGrantStateInactive:
|
|
return user_pb.UserGrantState_USER_GRANT_STATE_INACTIVE
|
|
default:
|
|
return user_pb.UserGrantState_USER_GRANT_STATE_UNSPECIFIED
|
|
}
|
|
}
|
|
|
|
func GenderToPb(gender model.Gender) user_pb.Gender {
|
|
switch gender {
|
|
case model.GenderDiverse:
|
|
return user_pb.Gender_GENDER_DIVERSE
|
|
case model.GenderFemale:
|
|
return user_pb.Gender_GENDER_FEMALE
|
|
case model.GenderMale:
|
|
return user_pb.Gender_GENDER_MALE
|
|
default:
|
|
return user_pb.Gender_GENDER_UNSPECIFIED
|
|
}
|
|
}
|
|
|
|
func AuthMethodsToPb(mfas *query.AuthMethods) []*user_pb.AuthFactor {
|
|
factors := make([]*user_pb.AuthFactor, len(mfas.AuthMethods))
|
|
for i, mfa := range mfas.AuthMethods {
|
|
factors[i] = AuthMethodToPb(mfa)
|
|
}
|
|
return factors
|
|
}
|
|
|
|
func AuthMethodToPb(mfa *query.AuthMethod) *user_pb.AuthFactor {
|
|
factor := &user_pb.AuthFactor{
|
|
State: MFAStateToPb(mfa.State),
|
|
}
|
|
switch mfa.Type {
|
|
case domain.UserAuthMethodTypeOTP:
|
|
factor.Type = &user_pb.AuthFactor_Otp{
|
|
Otp: &user_pb.AuthFactorOTP{},
|
|
}
|
|
case domain.UserAuthMethodTypeU2F:
|
|
factor.Type = &user_pb.AuthFactor_U2F{
|
|
U2F: &user_pb.AuthFactorU2F{
|
|
Id: mfa.TokenID,
|
|
Name: mfa.Name,
|
|
},
|
|
}
|
|
}
|
|
return factor
|
|
}
|
|
|
|
func MFAStateToPb(state domain.MFAState) user_pb.AuthFactorState {
|
|
switch state {
|
|
case domain.MFAStateNotReady:
|
|
return user_pb.AuthFactorState_AUTH_FACTOR_STATE_NOT_READY
|
|
case domain.MFAStateReady:
|
|
return user_pb.AuthFactorState_AUTH_FACTOR_STATE_READY
|
|
default:
|
|
return user_pb.AuthFactorState_AUTH_FACTOR_STATE_UNSPECIFIED
|
|
}
|
|
}
|
|
|
|
func UserAuthMethodsToWebAuthNTokenPb(methods *query.AuthMethods) []*user_pb.WebAuthNToken {
|
|
t := make([]*user_pb.WebAuthNToken, len(methods.AuthMethods))
|
|
for i, token := range methods.AuthMethods {
|
|
t[i] = UserAuthMethodToWebAuthNTokenPb(token)
|
|
}
|
|
return t
|
|
}
|
|
|
|
func UserAuthMethodToWebAuthNTokenPb(token *query.AuthMethod) *user_pb.WebAuthNToken {
|
|
return &user_pb.WebAuthNToken{
|
|
Id: token.TokenID,
|
|
State: MFAStateToPb(token.State),
|
|
Name: token.Name,
|
|
}
|
|
}
|
|
|
|
func ExternalIDPViewsToExternalIDPs(externalIDPs []*query.IDPUserLink) []*domain.UserIDPLink {
|
|
idps := make([]*domain.UserIDPLink, len(externalIDPs))
|
|
for i, idp := range externalIDPs {
|
|
idps[i] = &domain.UserIDPLink{
|
|
ObjectRoot: models.ObjectRoot{
|
|
AggregateID: idp.UserID,
|
|
ResourceOwner: idp.ResourceOwner,
|
|
},
|
|
IDPConfigID: idp.IDPID,
|
|
ExternalUserID: idp.ProvidedUserID,
|
|
DisplayName: idp.ProvidedUsername,
|
|
}
|
|
}
|
|
return idps
|
|
}
|